Documentation
¶
Overview ¶
Package mfa contains implementation of a handler for multi-factor authentication with WebAuthn.
Index ¶
- Constants
- type Authenticator
- func (a *Authenticator) Handle(ctx context.Context, w http.ResponseWriter, req *http.Request)
- func (a *Authenticator) HasMFACredentials(ctx context.Context, providerID string) (bool, error)
- func (a *Authenticator) Init(params idp.InitParams)
- func (a *Authenticator) SetMFAStateProviderID(w http.ResponseWriter, providerID string) (string, error)
- type LoginState
Constants ¶
const CookieName = "candid-login-mfa"
CookieName holds the name of the multi-factor authentication cookie.
const CookiePath = "/login/mfa"
CookiePath is the path to associate with the cookie storing the current multi-factor authentication state.
const StateName = "mfa-state"
StateName holds the name of the form field containing the multi-factor authentication state.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Authenticator ¶
type Authenticator struct {
// Params holds the parameters passed to the identity provider.
Params idp.InitParams
// Authenticator holds the webauthn authenticator.
Authenticator *webauthn.WebAuthn
}
Authenticator implements methods needed for mfa.
func NewAuthenticator ¶
func NewAuthenticator(id, name, origin string) (*Authenticator, error)
NewAuthenticator returns a new multi-factor authenticator.
func (*Authenticator) Handle ¶
func (a *Authenticator) Handle(ctx context.Context, w http.ResponseWriter, req *http.Request)
Handle servers incoming http requests.
func (*Authenticator) HasMFACredentials ¶
HasMFACredentials returns true, if the user with the specified providerID has any registered MFA credentials.
func (*Authenticator) Init ¶
func (a *Authenticator) Init(params idp.InitParams)
Init sets the initial paramaters for the authenticator.
func (*Authenticator) SetMFAStateProviderID ¶
func (a *Authenticator) SetMFAStateProviderID(w http.ResponseWriter, providerID string) (string, error)
SetMFAStateProviderID sets the provider id in the mfa login state cookie.
type LoginState ¶
type LoginState struct {
// ProviderID holds the provider ID of the user that entered the
// correct username-password combination.
ProviderID string
// RegistrationSessionData holds data associated with the
// ongoing mfa security device registration process.
RegistrationSessionData string
// LoginSessionData holds data associated with the
// ongoing mfa login process.
LoginSessionData string
// ValidCredentialID holds the ID of the presented
// valid credential.
ValidCredentialID []byte
}
LoginState holds the state of the current multi-factor authentication login process.
Source Files